from the oh-look,-we-have-policies dept

Earlier this week, we wrote about a really dumb move by Google to effectively kick out all of the bloggers who use its blogger platform to post "adult" content -- either text or images. Google gave such bloggers just 30 days to find a new home before it would make all their blogs private. It insisted that, going forward, the content police at Google would determine what photographs were "artistic" and allowed, and which were "dirty" and not allowed. As we noted, this move seemed particularly tone deaf and problematic, and could lead to other problems for Google. And a lot of other people agreed.

This week, we announced a change to Blogger’s porn policy. We’ve had a ton of feedback, in particular about the introduction of a retroactive change (some people have had accounts for 10+ years), but also about the negative impact on individuals who post sexually explicit content to express their identities. So rather than implement this change, we’ve decided to step up enforcement around our existing policy prohibiting commercial porn.

Blog owners should continue to mark any blogs containing sexually explicit content as “adult” so that they can be placed behind an “adult content” warning page.

Bloggers whose content is consistent with this and other policies do not need to make any changes to their blogs.

Thank you for your continued feedback.

So, kudos to Google for at least hearing the feedback and rolling back the change -- though it's still unfortunate that it even had to come to that in the first place. It seems likely that many of those bloggers may go looking for alternate hosting anyway.

from the good-to-see dept

We've written in the past about the EFF's Who Has Your Back rankings, in which it looks at various internet companies to see who protects your privacy against governments and lawsuits. Now, the EFF has come out with an offshoot chart, looking at who has your back when it comes to bogus copyright and trademark demands. The only two companies that get a perfect score are Automattic/WordPress and NameCheap, as you can see on the full chart. The worst, somewhat surprisingly, is Tumblr, which scored a big fat zero out of the five listed items.

Automattic's Wordpress.com and NameCheap were the only two companies to receive five out of five stars. However, two other companies were recognized for going the extra mile: Etsy, for providing educational guides, and Twitter, for publishing regular and thorough transparency reports. Overall, 10 companies did not publish adequate transparency reports, highlighting an information black hole for consumers. Additionally, four companies missed a star for their counter-notice practices—a critical procedure for restoring content that may have been taken down without cause.

Twitter lost a point for not documenting the counternotice process. Etsy lost a point for failing to have a transparency report (something I'm guessing the company will do before too long). Facebook also doesn't have a transparency report -- though it does have one for government requests, so hopefully it will expand that to copyright and trademark takedown requests as well. YouTube lost points for not requiring a DMCA notice (thank you ContentID) before taking down content. Imgur also doesn't require a DMCA notice (which surprised me).

The EFF's original "Who Has Your Back" effort really did help shame many companies into upping their game in protecting the privacy of users from government requests. Hopefully this new one will do the same for copyright and trademark takedowns.

from the those-who-can't,-administrate dept

I don't know what possesses certain individuals and entities to address their screwups by attempting to bury them, especially in an age where a wealth of information is still (mostly) a Google search away. Whatever happened to taking responsibility for errors of judgement? By opting for the "hasty burial" method of reputation management, these entities almost invariably direct more attention to the very thing they wanted everyone to forget. It happens so frequently, it even has its own name.

The student, identified only as "John Doe," had sex with his accuser on September 8th, 2013, according to details of the case obtained by the Foundation for Individual Rights in Education. Both Doe and his accuser had been drinking. By several accounts, the sex was consensual. The accuser sent Doe a text message beforehand asking him if he had a condom. She also texted a friend and clearly announced her intention to have sex with Doe.

But rape was declared in the sober light of day, thanks in part to an assistant professor's bizarre profiling of Doe as a rapist.

After that night, the accuser spoke with several Occidental employees, including Danielle Dirks, an assistant professor of sociology. Dirks told the accuser that Doe "fit the profile of other rapists on campus in that he had a high GPA in high school, was his class valedictorian, was on [a sports team], and was 'from a good family.'"

Classic rapist. High grades, played sports, good family. Occidental obviously holds its rapists to a higher standard, seeing as Doe fit right in with "the other rapists on campus."

One week later, the rape complaint was filed. The police, as mentioned above, investigated it and deemed the interaction to be drunken sex between two consensual adults. Occidental College, however, was feeling the pressure from up top -- specifically, a recent federal investigation into its rape prevention policies. So it overreacted.

[T]he college hired attorney Marilou Mirkovich to investigate the matter. Mirkovich concluded that the female student did indeed consent to sex. However, since she was intoxicated, her consent was invalid, according to Mirkovich.

(Interesting point, but wouldn't that mean they raped each other? Or is consent vis-a-vis intoxication completely malleable to each situation, in order to better comply with societal expectations?)

So it's unsurprising that Occidental would be unhappy about these documents being displayed online for all to see and judge. It is equally unsurprising, however, that yesterday a Los Angeles County Superior Court judge denied the college's request to seal certain documents relating to the case—specifically, approximately 180 pages comprising an investigative report and accompanying evidence that included interviews with witnesses and the alleged victim.

Unsurprising, indeed. And yet, the university attempted to bury its embarrassment with a straight face, expressing a completely belated "concern" about the personal information contained in the investigative report... four months after it went public. To which the judge responded:

I don't understand why [it] is so pressing in June when it wasn't so pressing in February.

That's the power of negative press. That open-and-shut investigation that forced a dangerous rapist valedictorian off campus was suddenly an ugly, festering byproduct of Occidental's desire to show the US Government that was Very Serious about combating sexual assault and completely willing to offer up as many scapegoats as needed until the pyre of shame receded to an easily-ignored flicker. It was even willing to find as many "experts" as needed to paint Doe into the "rapist" corner, even if the supporting statements made were facially moronic.

But just asking the judge wasn't enough. Occidental tried to get FIRE (Foundation for Individual Rights in Education) to pull its coverage while awaiting the judge's incredulous/sarcastic response.

Occidental managed to bully one student off of its campus, but its limited reach means everyone else remains unaffected, no matter how many requests its law firm sends out. The judge's refusal to assist in patching up the school's self-inflicted wounds should send a message to other entities that find themselves in similar situations. Before attempting a quick burial, consider the possibility that doing so will only result in wider coverage. If you still feel your temporarily wounded pride is worth more than your long-term reputation, go ahead. But don't be surprised if it only results in more criticism.

from the good-move dept

Last week, we wrote about Microsoft's ridiculous decision to search through a reporter's Hotmail email account after realizing that reporter had an unauthorized copy of Windows 8. The whole thing seemed like a huge overreaction by the company -- in trying to track down an almost meaningless leak that was unlikely to have any real impact on anything, the company effectively alerted the world that you had no real privacy in your email. The move was even more ridiculous since Microsoft has more or less bet its email farm on a marketing campaign about how it respects your privacy more than others. Microsoft's first response to this was exceptionally weak. While it announced a "change" in policies, it was still the same basic policy, that effectively (and misleadingly) claimed that it could and would continue to search anyone's email if the company had evidence that you might reveal a leaker.

Apparently -- and somewhat surprisingly -- it appears that Microsoft and its legal team took the criticism seriously. Microsoft's General Counsel Brad Smith has now put out a new blog post announcing a complete change in policy, promising that it will not unilaterally look through any Microsoft user's content in search of "stolen" intellectual property:

Effective immediately, if we receive information indicating that someone is using our services to traffic in stolen intellectual or physical property from Microsoft, we will not inspect a customer’s private content ourselves. Instead, we will refer the matter to law enforcement if further action is required.

Furthermore, the company will officially change its terms of service to reflect that change in policy. On top of that, it is starting a (somewhat undefined) project with EFF and CDT to work on "best practices" concerning privacy. Smith's apology is quite heartfelt, which is also rare from a big company:

It’s always uncomfortable to listen to criticism. But if one can step back a bit, it’s often thought-provoking and even helpful. That was definitely the case for us over the past week. Although our terms of service, like those of others in our industry, allowed us to access lawfully the account in this case, the circumstances raised legitimate questions about the privacy interests of our customers.

In part we have thought more about this in the context of other privacy issues that have been so topical during the past year. We’ve entered a “post-Snowden era” in which people rightly focus on the ways others use their personal information. As a company we’ve participated actively in the public discussions about the proper balance between the privacy rights of citizens and the powers of government. We’ve advocated that governments should rely on formal legal processes and the rule of law for surveillance activities.

While our own search was clearly within our legal rights, it seems apparent that we should apply a similar principle and rely on formal legal processes for our own investigations involving people who we suspect are stealing from us. Therefore, rather than inspect the private content of customers ourselves in these instances, we should turn to law enforcement and their legal procedures.

Personally, I wish the announcement and policy change went a bit further -- beyond just "intellectual or physical property," but making it clear across the board that, absent a reasonable warrant signed by a judge, Microsoft will not allow anyone to access anyone's content. But, perhaps we'll get there some day. In the meantime, Microsoft does deserve some kudos for changing positions. Most large companies would try to just let this issue fade away rather than proactively address it.

A middle school in Long Island, New York has banned the playing of typical schoolyard games and the use of many pieces of athletic equipment during recess.

CBS reported that Weber Middle School this week “instituted a ban on footballs, baseballs, lacrosse balls, or anything that might hurt someone on school grounds.” The ban also includes “hard soccer balls” and “rough games of tag, or cartwheels unless supervised by a coach.”

Assistant Principal Matthew Swinson explained that "sometimes when they participate in tag they use the opportunity to give an extra push.”

The school takes pain to note that organized sports, the sort of activity that brings in extra money, are not dangerous (if you ignore concussions, sprains, broken limbs, etc.)

In a press release, the school district stated that “structured athletics” with footballs and baseballs do not pose the risk of “an errant throw injuring a child.” However, “unstructured play with hardballs" is dangerous and therefore impermissible.

On Wednesday, Oct. 2, New Groningen kindergarten teachers sent home a letter alerting parents to the policy. It described the problem of children "running in packs, pushing, knocking other children over, and making the game dangerous."

On Thursday, Oct. 3, a follow up letter was sent home with students clarifying the policy after the "no tag" rule created a bit of controversy.

"We want our children to treat each other with respect, kindness, and with safety in mind," said Ginger Smith, community relations manager for Zeeland Public Schools, on Friday.

The concern, of course, is for the safety of the children, something even members of administration note is something it can't possibly guarantee.

"We know kids are going to get injured ... but we have a responsibility to lessen injuries," said [NY assistant principal Matthew] Swinson, explaining that the children could only be trusted with spongy balls.

Yes, a school has a certain responsibility to lessen injuries, but that should only apply to objectively dangerous activities, like fighting, kids on the roof of buildings, etc. -- the sorts of activities that should already be violations of school policies. Banning activities that kids have participated in foryears with a minimum number of debilitating injuries is just ridiculous. Why not just take recess and PE off the table and keep the kids restrained (possibly with three-point belts) at their desks for the entirety of the school day?

A four-year-old Scarborough boy wandered into the wrong classroom on his first day in school, wearing the wrong nametag, and wasn’t immediately spotted. Cue panic: The police were notified, an alert went out, dozens of police with a K-9 unit turned up to scour the neighbourhood, terror spread. The little boy watched it all obliviously, until teachers spotted the mistake.

This occurred on the first day of school, a time when children wander in and out of the wrong classrooms all the time. The district's bus company shuttles nearly 50,000 kids on 1,600 routes every day and an occasional mix-up is to be expected. The police response isn't. While it's admirable that staff leapt into action to make sure all children were accounted for, it's severely undermined by its immediate decision to get the police involved.

This slavish devotion to an unachievable aim (no mistakes; perfect safety) has even managed to hamper the school's own windmill-tilts.

The driver of Alexander’s bus had a list identifying how many kids were to get off at each stop, but wasn’t allowed to know their names for “security” reasons. The bus company had considered providing photographs to the drivers, but again feared unspecified “security” concerns. Over-reacting in the approved manner, the company is now considering radio frequency identification tags that could be attached to backpacks so every child on every bus could be monitored at every moment.

No one involved knows what they're doing, blindly thrashing around towards unachievable goals while hamstrung by misguided "security" efforts. I bash school administrations frequently, but everything detailed above is not solely the fault of blundering, overreaching institutions. There are plenty of parents who should share in the blame. If schools have set themselves up as paragons of child safety, it has as much to do with parents' ridiculous expectations as it does with bureaucratic striving for complete control.

Among any grouping of parents, there will be a subset that believes no harm should ever come to their children. Those few moments when they're prevented from hovering over their young ones, they expect the next line of defense to pick up the slack -- without the slightest drop in quality. There are also a number of parents who aren't as attentive, but still believe the school should keep their kids from getting injured or misplaced and are willing to make this point through lots of yelling and legal threats. Then there are those parents who view public schools as ultra-cheap daycare, but who still believe that the schools should do a better job parenting than they do.

Somewhere in between these extremes, there are sets of realistic parents who understand that sometimes undesirable events happen, including injuries, and that no one is truly to blame unless there's evidence of a severe lapse in controls or observation. But realists are no longer the majority -- if they ever were.

The problem is that administrators have let these unrealistic demands guide their policy making. Part of it is the desire to reduce legal exposure and liability. This leads to ridiculous policy changes like eliminating "hard" objects (with no sharp corners or heavy materials) from everyday play. This leads to kids being suspended for bogus weapons policy "violations."

Parents may express disbelief that tag is no longer allowed at their school, but many of those protesting need to take a long look at their own expectations. No educator can be expected to prevent every injury, threat or harsh word from affecting these parents' children. I think most parents realize this, but when something happens to their kid, all rationality flies out the window as the psyche indulges the very common human urge to attribute blame and hold someone -- anyone -- responsible for this "crime" against their flesh and blood.

To roll back school policies to something approaching reality will take a serious effort from both parents and administration. Schools need to stop over-promising (and reacting badly when they inevitably under-deliver). Parents need to realize the only way they can protect their kids from bad things is to keep them locked up at home. Both need to cede control, especially over eventualities they can't possibly hope to have any input in.

But this is a very unlikely outcome for two reasons. No school administrator wants to roll back policies only to deal with the wrath of parents who still expect schools to provide a protective bubble for their children. Very few parents (other than the realists) want to accept the fact that their children cannot be protected from every eventuality. Because of this impasse, ridiculous policies and overreactions will continue to be the rule, rather than the exception.

from the spy-games dept

The march towards drones becoming a common tool for domestic law enforcement agencies seems inevitable and some people aren't happy about it. We've already covered the backlash against one artist who satarized New York City's drone program. San Diego, for their part, valiantly refused to honor an FOIA request on their domestic UAV program because they determined on their own that there wouldn't be a public benefit to the disclosure. MuckRock thought that was a dodge not afforded San Diego under FOIA rules, but San Diego again declined to say anything at all about the program.

But one thing that has generally been accepted is that law enforcement agencies were required to operate these drones under very strict guidelines and within very strict geographic boundaries. It would appear, for Mesa County, Colorado at least, that may not be universally true. The EFF's Drone Census project has uncovered that Mesa County has two UAVs and can operate them without many of the restrictions in place elsewhere.

The MCSO must abide by standard FAA restrictions on domestic UAV flights, which cap flights to below 400 feet and preclude night flights or operating over "populated areas, heavily trafficked roads, or an open-air assembly of people." But MCSO's drone authorization includes no geographic restrictions: effectively, the agency can fly its UAVs anywhere in Mesa County. This freedom has allowed the agency to log dozens of operational missions since fall 2010. MCSO flight logs indicate that its UAV team has logged more than 160 flight hours on its drones since January 2011.

So, whereas other UAV programs are restricted to flying over areas where they could chiefly assist in locating missing people in difficult to surveil areas, Mesa County can fly them anywhere within their jurisdiction without any limitations beyond the somewhat vague-sounding "populated areas, heavily trafficked roads" or the open air above a large assembly of people. That can leave a great deal of sky to buzz around with less of the oversight I think is desperately needed in programs like this.

Now, just to be clear, these drones do not carry arms. They are used for imaging. Then again, as the creep continues, the rules keep shifting towards greater use and application, so it wouldn't be fair to slam anyone concerned that someday we may indeed see armed UAVs over our skies. Equally worrying is this:

MCSO has been using drones operationally for two years, but the department has no written drone policy outlining the uses for which its officers may deploy UAVs. Ms. Barnes writes that MCSO is "currently in the process of drafting a written policy for the use of our unmanned aircraft."

Well, that's just peaches. Military-style technology deployed domestically without any official policy for its use. I feel so warm and fuzzy inside.

from the can't-support-that dept

Remember last month, when some SOPA supporters were pretending that because the Business Software Alliance (BSA) supported SOPA, it meant that all of its member companies supported SOPA too? Yeah, well, that resulted in the BSA backing down, after it realized (with some prompting from Microsoft) that perhaps SOPA wasn't such a good thing. It appears that that's not enough for some tech companies. Anti-virus firm Kaspersky has announced that it's dumping its association with the BSA because of its support for SOPA. The company says that it "does not support this initiative," explaining:

We believe that such measures will be used contrary to the modern advances in technology and the needs of consumers.

Perhaps the BSA will learn to not be so quick on the draw in the future to support every single idea to make copyright more and more draconian.

from the the-right-way-and-the-wrong-way dept

As law enforcement continue to try to chase down every lead to figure out who was behind LulzSec, a bit of wisdom from Loz Kaye in the UK. He notes that efforts like LulzSec, Wikileaks, Anonymous and others are being driven by bad government policies, in which governments look to clamp down on free speech and shut down technologies they don't understand, just because some people might use them for things the government doesn't like. The end effect is actually driving more people to demonstrate just what the technology can be used for in protest.

LulzSec wasn't an isolated or unique phenomenon. People with passionate beliefs have been using new technological tools to effect change out of a sense of powerlessness. In the last year, I've watched 38 Degrees using the strength of association online to change government policy, WikiLeaks force transparency on those who'd rather run from it, even the amorphous mass that is Anonymous taking a stand on whatever issue they feel deserves their attention.

These tools are now themselves under attack. Lord Mandelson's last gift to us, the Digital Economy Act, is just one of a raft of "three strikes laws" worldwide that threaten to cut off households from the web. Buried in the coalition's Prevent strategy is the assertion that "internet filtering across the public estate is essential". Nor is it solely a British issue; Nicolas Sarkozy called for global online governance at the eG8 in his attempt to civilise the "wild west" of the web.

I don't think very many people in the government recognize this simple fact. They continue to treat these web-native movements as if they can be dealt with in the same manner as criminal operations. They may arrest a few people here or there, but that's not going to have the desired impact. If anything, it's only going to drive even more people to join the fray.

We've reached a critical juncture: either we sail headlong into escalating confrontation, or we attempt to change tack and reduce the tension by finding a democratic way forward, one that preserves our right to free association. From anonymous bloggers in Iran, to those using Twitter and Facebook in Tahrir Square and even teenagers in the bedrooms of Essex, there is a common thread. A feeling of persecution and dismay that our freedoms are being suppressed.

Of course, I can't see any government today smart enough to recognize this. It seems that they're going to continue down this path that they've chosen, and then act surprised when it fails to have much of an impact, other than to escalate the problems.

from the no-good-deed dept

Walmart has pretty specific rules for how employees are supposed to deal with shoplifters, however, it does seem a bit bizarre that the company would go so far as to fire some employees who disarmed a gun-toting thief. Obviously, the idea is that they don't want to encourage other employees to do the same thing, but does it really reach up to the level of firing the employees? At some point you have to wonder if there's a middle ground that makes sense.